Win32/Kryptik.HSPP removal tips

Win32/Kryptik.HSPP is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.HSPP virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Win32/Kryptik.HSPP?


File Info:

name: 170E3FEFCB25716CD80D.mlw
path: /opt/CAPEv2/storage/binaries/80ccfb00717cef3e3e50b503d5102aa045ecec9a3b51ab055a9cc2c56895371b
crc32: 81C612F6
md5: 170e3fefcb25716cd80d3dea30e0a42b
sha1: 995394b2be93d727ffe309848f35e0132bbdaa2e
sha256: 80ccfb00717cef3e3e50b503d5102aa045ecec9a3b51ab055a9cc2c56895371b
sha512: 71da0584e81447541015843cce56b1eb15b65b45667b71fbb1eab0dec326b3e07f2587311aa2b36dbd379a3ee6cb2389c5358ef232849ba497d367c25a3dab1c
ssdeep: 3072:AM9O2i8oJP+8xr9vv+DzKyXv9GscT6kyt96+ZYLVEA:AeVijJP+sVv+3KyXvJ179TYx7
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1E4149E203288C136F4AB257088F9D97AAABD7835175F11DBFBC45A6D4F227E16B30247
sha3_384: 04013bc3613b57cb943a14af22aa2c73240f9e8d633981a19470bc1e5ae535d366dba56e5d35f5bafc0488fdac1f72ae
ep_bytes: e8ab770000e9a4feffff3b0d30d54200
timestamp: 2023-05-28 19:06:35

Version Info:

Comments: 89xsFFtL50ny6xUspFdoyy6dFsphWF
CompanyName: The Home Depot, Inc.
FileDescription: The Home Depot, Inc. Product
FileVersion: 8,899,96,489
InternalName: PFI9RMldpu
LegalCopyright: Copyright © The Home Depot, Inc. All rights reserved.
LegalTrademarks: Trademark © The Home Depot, Inc.
OriginalFilename: aA86qISn
ProductName: 9hlzzkvdzc8g
ProductVersion: 8,899,96,489
Translation: 0x081a 0x081a

Win32/Kryptik.HSPP also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Convagent.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.99825
FireEye: Generic.mg.170e3fefcb25716c
ALYac: Trojan.GenericKDZ.99825
Cylance: unsafe
Sangfor: Trojan.Win32.Convagent.Vlzj
K7AntiVirus: Trojan ( 0059ec631 )
Alibaba: Trojan:Win32/Kryptik.9250017f
K7GW: Trojan ( 0059ec631 )
VirIT: Trojan.Win32.Genus.QXS
Cyren: W32/Kryptik.JXN.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/Kryptik.HSPP
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Convagent.gen
BitDefender: Trojan.GenericKDZ.99825
Avast: Win32:CrypterX-gen [Trj]
Tencent: Trojan.Win32.Kryptik.16000672
Emsisoft: Trojan.GenericKDZ.99825 (B)
F-Secure: Heuristic.HEUR/AGEN.1305824
DrWeb: Trojan.PWS.Stealer.36575
VIPRE: Trojan.GenericKDZ.99825
TrendMicro: TROJ_GEN.R002C0DEV23
McAfee-GW-Edition: BehavesLike.Win32.Triusor.ch
Trapmine: malicious.high.ml.score
Sophos: Troj/Krypt-YL
GData: Win32.Trojan.PSE.1HIMRSS
Avira: HEUR/AGEN.1305824
Antiy-AVL: Trojan/Win32.Kryptik
Arcabit: Trojan.Generic.D185F1
ZoneAlarm: HEUR:Trojan.MSIL.Convagent.gen
Microsoft: Trojan:Win32/Convagent.MKV!MTB
Google: Detected
AhnLab-V3: Trojan/Win.Trojan-gen.R582519
McAfee: GenericRXAA-AA!170E3FEFCB25
MAX: malware (ai score=87)
VBA32: BScope.TrojanPSW.RedLine
Malwarebytes: Trojan.MalPack.RV
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DEV23
Rising: Stealer.Agent!8.C2 (TFE:5:r2ALkBiM5NG)
Ikarus: Trojan.Win32.Crypt
MaxSecure: Trojan.Malware.109640529.susgen
Fortinet: W32/Kryptik.HTQS!tr
AVG: Win32:CrypterX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Kryptik.HSPP?

Win32/Kryptik.HSPP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
